Example that demonstrates protecting a resource and
using Form-Based authentication. To access the page the user must
have role of either "tomcat" or "role1". By default no user
is configured to have these roles.